The Protection Technology of Script-Based Cyber Attack

Jonghun Jung, Hwankuk Kim, Hyun-lock Choo, Lim ByungUk
{"title":"The Protection Technology of Script-Based Cyber Attack","authors":"Jonghun Jung, Hwankuk Kim, Hyun-lock Choo, Lim ByungUk","doi":"10.17265/1548-7709/2015.02.008","DOIUrl":null,"url":null,"abstract":"Recent web-based cyber attacks are evolving into a new form of attacks such as private information theft and DDoS attack exploiting JavaScript within a web page. These attacks can be made just by accessing a web site without distribution of malicious codes and infection. Script-based cyber attacks are hard to detect with traditional security equipments such as Firewall and IPS because they inject malicious scripts in a response message for a normal web request. Furthermore, they are hard to trace because attacks such as DDoS can be made just by visiting a web page. Due to these reasons, it is expected that they could result in direct damages and great ripple effects. To cope with these issues, in this article, a proposal is made for techniques that are used to detect malicious scripts through real-time web content analysis and to automatically generate detection signatures for malicious JavaScript.","PeriodicalId":69156,"journal":{"name":"通讯和计算机:中英文版","volume":"12 1","pages":"91-99"},"PeriodicalIF":0.0000,"publicationDate":"2015-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"通讯和计算机:中英文版","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.17265/1548-7709/2015.02.008","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

Abstract

Recent web-based cyber attacks are evolving into a new form of attacks such as private information theft and DDoS attack exploiting JavaScript within a web page. These attacks can be made just by accessing a web site without distribution of malicious codes and infection. Script-based cyber attacks are hard to detect with traditional security equipments such as Firewall and IPS because they inject malicious scripts in a response message for a normal web request. Furthermore, they are hard to trace because attacks such as DDoS can be made just by visiting a web page. Due to these reasons, it is expected that they could result in direct damages and great ripple effects. To cope with these issues, in this article, a proposal is made for techniques that are used to detect malicious scripts through real-time web content analysis and to automatically generate detection signatures for malicious JavaScript.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于脚本的网络攻击防护技术
最近,基于web的网络攻击正在演变成一种新的攻击形式,例如窃取私人信息和利用网页内的JavaScript进行DDoS攻击。这些攻击可以通过访问网站进行,而不会传播恶意代码和感染。基于脚本的网络攻击很难被传统的安全设备(如防火墙和IPS)检测到,因为它们在正常的web请求的响应消息中注入恶意脚本。此外,他们很难追踪,因为DDoS等攻击可以通过访问网页进行。由于这些原因,预计会造成直接损失和巨大的连锁反应。为了解决这些问题,本文提出了一种通过实时web内容分析来检测恶意脚本并自动生成恶意JavaScript检测签名的技术。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
843
期刊最新文献
A Review of 13,470 Head and Neck Injuries from Trampoline Jumping. A Learning Management System as an Assessment Tool: A Case of MUELE Interpretation of Information Security and Data Privacy Protection According to the Data Use During the Epidemic Propagation Path Loss Models at 28 GHz Using K-Nearest Neighbor Algorithm The Method on Deducing MultiplicityMeasurement Equations of Neutron/g
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1